Increase in CNP fraud based on longstanding tactics by cybercriminals

A white paper released by The Members Group on Thursday said that while there is a “legitimate” connection between the global transition to EMV and card-not-present (CNP) fraud, criminals are using tactics that have been around for decades.

“[F]raudulent online, mail order and telephone transactions posed a significant threat long before the EMV standard began to take hold around the developed world,” the study’s authors—Nicole Reyes, TMG’s senior fraud prevention analyst, and Brandon Kuehl, the senior product manager at TMG—said. “Criminals have a much easier time impersonating someone if they don’t have to look another person in the eye, swipe a fake piece of plastic or enter a stolen PIN into a point-of-sale terminal.”

CNP fraud, according to the white paper, accounts for 16 percent of all U.S. card fraud, resulting in over $5.3 billion in losses last year. Most CNP fraud is the result of the consumer shift from physical purchases to online transactions. American consumers are expected to spend more than $430 billion on electronic transactions by 2017.

“With CNP fraud running at about one percent of e-commerce revenue, we can expect to see losses [soar] over the next three years—unless the industry pulls together an effective CNP fraud loss solution,” the paper said.

Industry participants have attempted to address rising fraud costs with a number of solutions, including EMV card readers used to authenticate cards for online purchases.

The paper said, however, that more recent efforts are “rightly” focused on underlying, invisible technology to secure online transactions, adding that tokenization “offers the greatest potential” to curb rising fraud costs.

“Unlike EMV… tokenization is a technology that is nearly invisible to the cardholder,” the paper said. “[I]t’s a non-intrusive way to keep an eye on consumers’ accounts with minimal involvement from the cardholder.”

The TMG paper said the predicted increase in online fraud following the shift to EMV has forced many institutions to focus on and adapt their CNP fraud strategies.

“As fraudsters acclimate to the new world of payments, issuers, too, must adjust their strategies to keep fighting the good fight,” the paper said.